diff options
author | Andrey Andreev <narf@devilix.net> | 2016-10-27 15:55:19 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2016-10-27 15:55:19 +0200 |
commit | 0c23e9122666a30797079bea9415da135d4f7e12 (patch) | |
tree | 52d59498a7409ee2e5cf8bd2eee1659d397291dd /system/database | |
parent | 2b9d88c3fe78218bb9d8bcbb6ea114d190bc0d0e (diff) |
Fix #4871
Diffstat (limited to 'system/database')
-rw-r--r-- | system/database/DB_query_builder.php | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7a008eeb8..5491b2000 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1915,7 +1915,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $affected_rows = 0; for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size) { - if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $this->protect_identifiers($index)))) + if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, $batch_size), $index))) { $affected_rows += $this->affected_rows(); } @@ -1941,6 +1941,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _update_batch($table, $values, $index) { + $index_escaped = $this->protect_identifiers($index); + $ids = array(); foreach ($values as $key => $val) { @@ -1950,7 +1952,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($field !== $index) { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; + $final[$field][] = 'WHEN '.$index_escaped.' = '.$val[$index].' THEN '.$val[$field]; } } } @@ -1963,7 +1965,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .'ELSE '.$k.' END, '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($index_escaped.' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } |